llm-security

Fail

Audited by Snyk on Feb 26, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill includes code that embeds an API key directly into an Authorization header (e.g., Authorization: Bearer {api_key}), which would require the agent to accept and insert secret values verbatim into requests or generated commands, creating exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content is intentionally offensive/abusive: it contains explicit payloads and step-by-step techniques for data exfiltration, backdoor/remote-exec creation, credential theft, RAG/poisoning and supply-chain abuse, and obfuscation/token-smuggling methods that enable deliberate malicious activity and easy abuse.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill includes explicit instructions and examples that read sensitive files (e.g., /etc/passwd), create files in system directories (e.g., /tmp/backdoor.sh), and test persistent/privilege-escalating actions, which push an agent to modify or compromise the host system state.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 26, 2026, 11:36 PM